CISM Certified Information Security Manager – Question1445

An organization experienced a data breach and followed its incident response plan. Later it was discovered that the plan was incomplete, omitting a requirement to report the incident to the relevant authorities. In addition to establishing an updated incident response plan, which of the following would be MOST helpful in preventing a similar occurrence?

A.
Attached reporting forms as an addendum to the incident response plan
B. Management approval of the incident reporting process
C. Ongoing evaluation of the incident response plan.
D. Assignment of responsibility for communications.

Correct Answer: D